I'm trying to evaluate Cyren Antivirus. At first it seemed that there might not be a good way to evaluate the product as the actions for a virus result were Delete, Move to Junk Email Folder, and Add Text to Subject. I was hoping that I could capture these in Quarantine.
I set the actions for a Virus Result and High Result to Move to Junk Email Folder, and the Medium Result to Add Text to Subject and I specified the subject.
Now I find that the Quarantine has a bunch of files in it fro Cyren hits, a spot check found none of these in the customer's Junk Mail folders or tagged in the subject. The Delivery log shows that these were quarantined. I cannot determine what might have been a Virus, High or Medium result, but it seems that unless these were forwarded off the server, they were all captured in quarantine. Log snippets are as follow:
[2018.12.02] 20:49:43  Delivery started for firstname.lastname@example.org at 8:49:43 PM
[2018.12.02] 20:49:49  Added to SpamCheckQueue (1 queued; 0/50 processing)
[2018.12.02] 20:49:49  This message has been quarantined because a virus was found.
[2018.12.02] 20:49:49  Removed from SpamCheckQueue (0 queued or processing)
[2018.12.02] 20:49:52  .eml file not found. Removing .hdr file.
[2018.12.02] 20:49:52  Delivery finished for email@example.com at 8:49:52 PM [id:17372121]
20:49:49 Reading Message from Stream...
20:49:49 Scanning Message: 72121
20:49:49 Sent Result(72121:Confirmed|Virus) back to server